package com.dongyimai.oauth.config;

import com.dongyimai.oauth.util.UserJwt;
import com.offcn.entity.Result;
import com.offcn.user.feign.UserFeign;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.oauth2.provider.ClientDetails;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.stereotype.Service;
import org.springframework.util.StringUtils;

/*****
 * 自定义授权认证类
 */
@Service
public class UserDetailsServiceImpl implements UserDetailsService {

    @Autowired
    ClientDetailsService clientDetailsService;

    @Autowired
    UserFeign userFeign;

    @Value("${auth.clientSecret}")
    private String clientSecret;

    /****
     * 自定义授权认证
     * @param username
     * @return
     * @throws UsernameNotFoundException
     */
    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        // ********************************客户端信息认证开始*****************************************
        //取出身份，如果身份为空说明没有认证
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        //没有认证统一采用httpbasic认证，httpbasic中存储了client_id和client_secret，开始认证client_id和client_secret
        if(authentication==null){
            User user = null;
            //静态方式
            user =  new User(username,
                    new BCryptPasswordEncoder().encode(clientSecret),
                    AuthorityUtils.commaSeparatedStringToAuthorityList(""));
            //数据库查找方式
//            ClientDetails clientDetails = clientDetailsService.loadClientByClientId(username);
//            if(clientDetails!=null){
////                从数据库中获取秘钥
//                  String clientSecret = clientDetails.getClientSecret();
//                  user =  new User(username,clientSecret, AuthorityUtils.commaSeparatedStringToAuthorityList(""));
//            }
            return user;
        }
        // ********************************客户端信息认证结束*****************************************
        // ********************************用户名和密码登录开始*****************************************
        if (StringUtils.isEmpty(username)) {
            return null;
        }

        //根据用户名查询用户信息
//        String pwd = new BCryptPasswordEncoder().encode("dongyimai");
        Result<com.offcn.user.pojo.User> result = userFeign.findByUsername(username);
        if (result.getData() == null || result.getData().getPassword() == null){
            return null;
        }
        String pwd = result.getData().getPassword();
        //创建User对象
        String permissions = "user,accountant,salesman";
        UserJwt userDetails = new UserJwt(username,pwd,AuthorityUtils.commaSeparatedStringToAuthorityList(permissions));
        return userDetails;
        // ********************************用户名和密码登录开始*****************************************
    }
}
